9 must-do's if you must stick with Windows XP

Without updates after April 8 Windows XP is expected to fall prey to any number of zero-day attacks for which Microsoft will provide no defense, but there are some things die-hard XP users can do to make their machines safer.

Without updates after April 8 Windows XP is expected to fall prey to any number of zero-day attacks for which Microsoft will provide no defense, but there are some things die-hard XP users can do to make their machines safer.

In its threat report for the second half of 2013, security vendor F-Secure sets down nine of them, including some for home users:

Air-gap or isolate on separate networks the XP devices in order to protect more modern machines from being attacked by compromised XP devices.

Install the final Windows XP update so machines start their unsupported lives protected from the latest known vulnerabilities.

Install an alternative, current browser and make it the default. Windows XP comes with Internet Explorer but it only supports up to IE 9, making the security features of IE 10 and 11 unavailable.

Fully patch Microsoft Office if it's on the machine to reduce the chances of it compromising the device.

Uninstall unused third-party software. The older it is, the more likely it is to be vulnerable.

Consider disabling or uninstalling browser plugins for third-party software, and set the browser to ask what to do with PDFs, etc., rather than opening them by default.

Install up-to-date firewalls and anti-virus software.

Keep the computer on a trusted network behind a NAT router, which acts as a hardware firewall.

Consider upgrading to a supported OS.

F-Secure says it's very important to prevent XP computers from being exploited, "because once compromised it is much moredifficult to repair than its siblings. An ounce of prevention is really worth more than a cure in the case of XP."

Tim Greene covers Microsoft and unified communications for Network World and writes the Mostly Microsoft blog. Reach him at tgreene@nww.com and follow him on Twitter @Tim_Greene.